Commit 722d3057 authored by Kurt Zeilenga's avatar Kurt Zeilenga
Browse files

Suck in changes from HEAD

    Fix slapd schema error alignment bug
    Update slapd SASL proxy policy code
    Update slapd require "strong" check
    Update back-bdb entry locking
    Add slapd disallow bind_simple_unprotected directive
    Add back-monitor added monitorContext support
    Add slapd IPv4/v6 only options
    Ass slapd SASL setpass support
    Remove lint
    Build Environment
        Add monitor backend test
        Update <ac/socket.h> SHUT_RDWR
        Fix SASL-less build issues
        Fix back-perl build issues
parent e41036f3
OpenLDAP 2.1 Change Log
OpenLDAP 2.1.2 Engineering
<insert changes here>
OpenLDAP 2.1.3 Engineering
Fix slapd schema error alignment bug
Update slapd SASL proxy policy code
Update slapd require "strong" check
Update back-bdb entry locking
Add slapd disallow bind_simple_unprotected directive
Add back-monitor added monitorContext support
Add slapd IPv4/v6 only options
Ass slapd SASL setpass support
Remove lint
Build Environment
Add monitor backend test
Update <ac/socket.h> SHUT_RDWR
Fix SASL-less build issues
Fix back-perl build issues
OpenLDAP 2.1.2 Release
Initial release for "general" use.
......
# $OpenLDAP$
## Copyright 1998-2002 The OpenLDAP Foundation
## COPYING RESTRICTIONS APPLY. See COPYRIGHT File in top level directory
## of this package for details.
##---------------------------------------------------------------------------
##
## Makefile Template for Manual Pages
##
MANDIR=$(mandir)/man$(MANSECT)
TMP_SUFFIX=tmp
all-common:
PAGES=`cd $(srcdir); echo *.$(MANSECT)`; \
for page in $$PAGES; do \
$(SED) -e "s%LDVERSION%$(VERSION)%" \
-e 's%ETCDIR%$(sysconfdir)%' \
-e 's%LOCALSTATEDIR%$(localstatedir)%' \
-e 's%SYSCONFDIR%$(sysconfdir)%' \
-e 's%DATADIR%$(datadir)%' \
-e 's%SBINDIR%$(sbindir)%' \
-e 's%BINDIR%$(bindir)%' \
-e 's%LIBDIR%$(libdir)%' \
-e 's%LIBEXECDIR%$(libexecdir)%' \
-e 's%RELEASEDATE%$(RELEASEDATE)%' \
$(srcdir)/$$page > $$page.$(TMP_SUFFIX); \
done
install-common:
-$(MKDIR) $(DESTDIR)$(MANDIR)
PAGES=`cd $(srcdir); echo *.$(MANSECT)`; \
for page in $$PAGES; do \
echo "installing $(MANDIR)/$$page"; \
$(RM) $(DESTDIR)$(MANDIR)/$$page; \
$(INSTALL) $(INSTALLFLAGS) -m 644 $$page.$(TMP_SUFFIX) $(DESTDIR)$(MANDIR)/$$page; \
if test -f "$(srcdir)/$$page.links" ; then \
for link in `$(CAT) $(srcdir)/$$page.links`; do \
echo "installing $(MANDIR)/$$link as link to $$page"; \
$(RM) $(DESTDIR)$(MANDIR)/$$link ; \
$(LN_S) $$page $(DESTDIR)$(MANDIR)/$$link; \
done; \
fi; \
done
clean-common: FORCE
$(RM) *.tmp all-common
Makefile: $(top_srcdir)/build/man.mk
......@@ -313,10 +313,14 @@ AC_DEFUN([OL_BERKELEY_DB_LINK],
[ol_cv_lib_db=no
OL_BERKELEY_DB_TRY(ol_cv_db_none)
OL_BERKELEY_DB_TRY(ol_cv_db_db4,[-ldb4])
OL_BERKELEY_DB_TRY(ol_cv_db_db_4,[-ldb-4])
OL_BERKELEY_DB_TRY(ol_cv_db_db,[-ldb])
OL_BERKELEY_DB_TRY(ol_cv_db_db3,[-ldb3])
OL_BERKELEY_DB_TRY(ol_cv_db_db_3,[-ldb-3])
OL_BERKELEY_DB_TRY(ol_cv_db_db2,[-ldb2])
OL_BERKELEY_DB_TRY(ol_cv_db_db_2,[-ldb-2])
OL_BERKELEY_DB_TRY(ol_cv_db_db1,[-ldb1])
OL_BERKELEY_DB_TRY(ol_cv_db_db_1,[-ldb-1])
])
dnl
dnl --------------------------------------------------------------------
......
......@@ -10,6 +10,7 @@
##
PACKAGE= @PACKAGE@
VERSION= @VERSION@
RELEASEDATE= @OPENLDAP_RELEASE_DATE@
@SET_MAKE@
SHELL = /bin/sh
......
This diff is collapsed.
......@@ -83,6 +83,9 @@ AC_DEFINE_UNQUOTED(LDAP_VENDOR_VERSION_PATCH,$OL_PATCH,Patch)
OPENLDAP_LIBVERSION=$OL_API_LIB
AC_SUBST(OPENLDAP_LIBVERSION)dnl
OPENLDAP_RELEASE_DATE="$OL_RELEASE_DATE"
AC_SUBST(OPENLDAP_RELEASE_DATE)dnl
dnl We use autoconf features new to 2.13.
dnl aclocal.m4 should be built using aclocal from automake 1.4
dnl libtool 1.4.2 should be installed.
......@@ -127,7 +130,8 @@ OL_ARG_ENABLE(syslog,[ --enable-syslog enable syslog support], auto)dnl
OL_ARG_ENABLE(proctitle,[ --enable-proctitle enable proctitle support], yes)dnl
OL_ARG_ENABLE(cache,[ --enable-cache enable caching (experimental)], no)dnl
OL_ARG_ENABLE(referrals,[ --enable-referrals enable LDAPv2+ Referrals (experimental)], no)dnl
OL_ARG_ENABLE(kbind,[ --enable-kbind enable LDAPv2+ Kerberos IV bind (deprecated)], no)dnl
dnl OL_ARG_ENABLE(kbind,[ --enable-kbind enable LDAPv2+ Kerberos IV bind (deprecated)], no)dnl
ol_enable_kbind=${ol_enable_kbind-no}
OL_ARG_ENABLE(ipv6,[ --enable-ipv6 enable IPv6 support], auto)dnl
OL_ARG_ENABLE(local,[ --enable-local enable AF_LOCAL (AF_UNIX) socket support], auto)dnl
OL_ARG_ENABLE(x_compile,[ --enable-x-compile enable cross compiling],
......@@ -170,6 +174,7 @@ OL_ARG_ENABLE(lmpasswd,[ --enable-lmpasswd enable LAN Manager passwords], n
OL_ARG_ENABLE(spasswd,[ --enable-spasswd enable (Cyrus) SASL password verification], no)dnl
OL_ARG_ENABLE(modules,[ --enable-modules enable dynamic module support], no)dnl
dnl OL_ARG_ENABLE(multimaster,[ --enable-multimaster enable multimaster replication], no)dnl
ol_enable_multimaster=${ol_enable_multimaster-no}
OL_ARG_ENABLE(phonetic,[ --enable-phonetic enable phonetic/soundex], no)dnl
OL_ARG_ENABLE(rewrite,[ --enable-rewrite enable DN rewriting in back-ldap and back-meta], no)dnl
OL_ARG_ENABLE(rlookups,[ --enable-rlookups enable reverse lookups of client hostnames], no)dnl
......@@ -270,9 +275,9 @@ if test $ol_enable_slapd = no ; then
if test $ol_enable_modules = yes ; then
AC_MSG_WARN([slapd disabled, ignoring --enable-modules argument])
fi
dnl if test $ol_enable_multimaster = yes ; then
dnl AC_MSG_WARN([slapd disabled, ignoring --enable-multimaster argument])
dnl fi
if test $ol_enable_multimaster = yes ; then
AC_MSG_WARN([slapd disabled, ignoring --enable-multimaster argument])
fi
if test $ol_enable_wrappers = yes ; then
AC_MSG_WARN([slapd disabled, ignoring --enable-wrappers argument])
fi
......@@ -345,7 +350,7 @@ dnl fi
ol_enable_sql=no
ol_enable_modules=no
dnl ol_enable_multimaster=no
ol_enable_multimaster=no
ol_enable_phonetic=no
ol_enable_rlookups=no
ol_enable_aci=no
......@@ -2462,9 +2467,9 @@ fi
if test "$ol_link_spasswd" != no ; then
AC_DEFINE(SLAPD_SPASSWD,1,[define to support SASL passwords])
fi
dnl if test "$ol_enable_multimaster" != no ; then
dnl AC_DEFINE(SLAPD_MULTIMASTER,1,[define to support multimaster replication])
dnl fi
if test "$ol_enable_multimaster" != no ; then
AC_DEFINE(SLAPD_MULTIMASTER,1,[define to support multimaster replication])
fi
if test "$ol_enable_phonetic" != no ; then
AC_DEFINE(SLAPD_PHONETIC,1,[define to support phonetic])
fi
......
......@@ -17,7 +17,7 @@ ud D * cd f l p s uv
* reserved
GJNgijmoqy
GJNgijmoqy01235789
* General flags:
-C Chase Referrals
......@@ -34,6 +34,8 @@ ud D * cd f l p s uv
-p port
-v verbose
-w Bind password
-4 IPv4 only
-6 IPv6 only
* LDAPv3 Only
......
......@@ -21,9 +21,9 @@ OpenLDAP 2.x Projects
---------------------
SLAPD
Complete Unicode Support (ACLs, etc.)
client API update
client C API update
Implement per referral/continuation callback
clients
clients (e.g. ldapsearch(1))
Implement referral chasing options w/ referral callback
Update manual pages
......@@ -39,28 +39,30 @@ Medium projects
Implement LDAP Transactions
Implement authPassword (RFC 3112)
Implement localization
Implement Proxy Authorization Group extension
Implement LCUP
Add LDIFv1 control support
Implement Proxy Authorization Control extension
Update to latest autoconf and friends
Small projects
--------------
Add LDIFv1 control support
Populate matchingRuleUse attribute in the subschema
Implement -V version options
Implement Proxy Authorization Control extension
Complete Simple Paged Results Control
Add No-Op Control support to ldap client tools
Add No-Op Control support to client tools (e.g. ldapsearch(1))
Add tests to test suite (ACI, moddn, manageDSAit, etc.)
Add support for Cyrus pwcheckd/saslauthd
Create ldapbind (from ldapcompare?) to support bind operations
Recode linked-list structs to use <ldap_queue.h> macros
Create ldapbind(1) to support bind operations
Convert utfconv.txt into man page(s).
Update any manual page
For additional TODO items, see:
http://www.openldap.org/its/index.cgi/Software%20Enhancements
http://www.openldap.org/its/index.cgi/Software%20Bugs
JLDAP TODO items, see:
http://www.openldap.org/devel/cvsweb.cgi/~checkout~/design/todo.txt?rev=1&cvsroot=JLDAP
---
......
INTERNET-DRAFT Michael P. Armijo
<draft-ietf-ldapext-locate-07.txt> Levon Esibov
February 20, 2002 Paul Leach
Expires: August 20, 2002 Microsoft Corporation
<draft-ietf-ldapext-locate-08.txt> Levon Esibov
June 5, 2002 Paul Leach
Expires: December 5, 2002 Microsoft Corporation
R.L. Morgan
University of Washington
......@@ -31,7 +31,7 @@ Status of this Memo
http://www.ietf.org/shadow.html.
Distribution of this memo is unlimited. It is filed as <draft-
ietf-ldapext-locate-07.txt>, and expires on August 20, 2002.
ietf-ldapext-locate-08.txt>, and expires on December 5, 2002.
Please send comments to the authors.
Copyright Notice
......@@ -56,7 +56,7 @@ Abstract
Armijo, Esibov, Leach and Morgan [Page 1]
INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
INTERNET-DRAFT Discovering LDAP Services with DNS June 5, 2002
......@@ -103,6 +103,18 @@ INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
reasonable because many objects of interest are named with domain
names, and use of domain-name-based DNs is becoming common.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [9].
Armijo, Esibov, Leach and Morgan [Page 2]
INTERNET-DRAFT Discovering LDAP Services with DNS June 5, 2002
2. Mapping Distinguished Names into Domain Names
......@@ -112,11 +124,6 @@ INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
DNs cannot be converted into a domain name. Converted DNs result
in a fully qualified domain name.
Armijo, Esibov, Leach and Morgan [Page 2]
INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
The output domain name is initially empty. The DN is processed in
right-to-left order (i.e., beginning with the first RDN in the
......@@ -163,16 +170,9 @@ INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
Armijo, Esibov, Leach and Morgan [Page 3]
INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
INTERNET-DRAFT Discovering LDAP Services with DNS June 5, 2002
Presence of such records enables clients to find the LDAP servers
......@@ -191,7 +191,7 @@ INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
that satisfy the requested criteria. The following is an example of
such a record:
_ldap._tcp.example.net. IN SRV 0 0 389 phoenix.example.net.
_ldap._tcp.example.net. IN SRV 0 0 389 phoenix.example.net.
The set of returned records may contain multiple records in the case
where multiple LDAP servers serve the same domain. If there are no
......@@ -213,15 +213,15 @@ INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
intended to contact. See [7] for more information on security
threats and security mechanisms.
When using LDAP with TLS the client must check the server's name,
When using LDAP with TLS the client MUST check the server's name,
as described in section 3.6 of [RFC 2830]. As specified there, the
name the client checks for is the server's name before any
potentially insecure transformations, including the SRV record
lookup specified in this memo. Thus the name the client must check
lookup specified in this memo. Thus the name the client MUST check
for is the name obtained by doing the mapping step defined in
section 2 above. For example, if the DN "cn=John
Doe,ou=accounting,dc=example,dc=net" is converted to the DNS name
"example.net", the server's name must match "example.net".
"example.net", the server's name MUST match "example.net".
This document describes a method that uses DNS SRV records to
discover LDAP servers. All security considerations related to DNS
......@@ -230,7 +230,7 @@ INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
Armijo, Esibov, Leach and Morgan [Page 4]
INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
INTERNET-DRAFT Discovering LDAP Services with DNS June 5, 2002
6. References
......@@ -259,10 +259,11 @@ INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
"Authentication Methods for LDAP", RFC 2829, May 2000.
[8] Hodges, J., Morgan, R., Wahl, M., "Lightweight Directory Access
Protocol (v3): Extension for Transport Layer Security", RFC 2830,
May 2000.
Protocol (v3): Extension for Transport Layer Security",
RFC 2830, May 2000.
[9] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997.
......@@ -285,10 +286,9 @@ INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
levone@microsoft.com
Armijo, Esibov, Leach and Morgan [Page 5]
INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
INTERNET-DRAFT Discovering LDAP Services with DNS June 5, 2002
RL "Bob" Morgan
University of Washington
......@@ -346,7 +346,7 @@ herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE
Armijo, Esibov, Leach and Morgan [Page 6]
INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
INTERNET-DRAFT Discovering LDAP Services with DNS June 5, 2002
INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
......@@ -356,7 +356,7 @@ WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE."
10. Expiration Date
This documentis filed as <draft-ietf-ldapext-locate-06.txt>, and
expires August 20, 2002.
This document is filed as <draft-ietf-ldapext-locate-08.txt>, and
expires December 5, 2002.
Armijo, Esibov, Leach and Morgan [Page 7]
\ No newline at end of file
This diff is collapsed.
.TH LDAPDELETE 1 "20 August 2001" "OpenLDAP LDVERSION"
.TH LDAPDELETE 1 "RELEASEDATE" "OpenLDAP LDVERSION"
.\" $OpenLDAP$
.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
......
.TH LDAPMODIFY 1 "20 August 2001" "OpenLDAP LDVERSION"
.TH LDAPMODIFY 1 "RELEASEDATE" "OpenLDAP LDVERSION"
.\" $OpenLDAP$
.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
......
.TH LDAPMODRDN 1 "13 November 1995" "U-M LDAP LDVERSION"
.TH LDAPMODRDN 1 "RELEASEDATE" "OpenLDAP LDVERSION"
.\" $OpenLDAP$
.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
ldapmodrdn \- ldap modify entry RDN tool
ldapmodrdn \- LDAP rename entry tool
.SH SYNOPSIS
.B ldapmodrdn
.B [\-r]
.B [\-n]
.B [\-v]
.B [\-k]
.B [\-K]
.B [\-c]
.B [\-d debuglevel]
.B [\-D binddn]
.B [\-w passwd]
.B [\-h ldaphost]
.B [\-p ldapport]
.B [\-f file] [dn rdn]
[\c
.BR \-r ]
[\c
.BR \-n ]
[\c
.BR \-v ]
[\c
.BR \-k ]
[\c
.BR \-K ]
[\c
.BR \-c ]
[\c
.BR \-C ]
[\c
.BR \-M[M] ]
[\c
.BI \-d \ debuglevel\fR]
[\c
.BI \-D \ binddn\fR]
[\c
.BR \-W ]
[\c
.BI \-w \ passwd\fR]
[\c
.BI \-H \ ldapuri\fR]
[\c
.BI \-h \ ldaphost\fR]
[\c
.BI \-p \ ldapport\fR]
[\c
.BI \-P \ 2\fR\||\|\fI3\fR]
[\c
.BR \-O \ security-properties ]
[\c
.BR \-I ]
[\c
.BR \-Q ]
[\c
.BI \-U \ authcid\fR]
[\c
.BR \-x ]
[\c
.BI \-X \ authzid\fR]
[\c
.BI \-Y \ mech\fR]
[\c
.BR \-Z[Z] ]
[\c
.BI \-f \ file\fR]
[\c
.I dn rdn\fR]
.SH DESCRIPTION
.B ldapmodrdn
is a shell-accessible interface to the
......@@ -41,21 +84,29 @@ debugging in conjunction with -v.
Use verbose mode, with many diagnostics written to standard output.
.TP
.B \-k
Use Kerberos authentication instead of simple authentication. It is
Use Kerberos IV authentication instead of simple authentication. It is
assumed that you already have a valid ticket granting ticket.
.B ldapmodrdn
must be compiled with KERBEROS defined for this option to have effect.
must be compiled with Kerberos support for this option to have effect.
.TP
.B \-K
Same as \-k, but only does step 1 of the kerberos bind. This is useful
Same as \-k, but only does step 1 of the Kerberos IV bind. This is useful
when connecting to a slapd and there is no x500dsa.hostname principal
registered with your kerberos servers.
registered with your Kerberos Domain Controller(s).
.TP
.B \-C
Automatically chase referrals.
.TP
.B \-c
Continuous operation mode. Errors are reported, but ldapmodify
will continue with modifications. The default is to exit after
reporting an error.
.TP
.B \-M[M]
Enable manage DSA IT control.
.B \-MM
makes control critical.
.TP
.B \-d debuglevel
Set the LDAP debugging level to \fIdebuglevel\fP.
.B ldapmodrdn
......@@ -66,18 +117,65 @@ compiled with LDAP_DEBUG defined for this option to have any effect.
Read the entry modification information from \fIfile\fP instead of from
standard input or the command-line.
.TP
.B \-x
Use simple authentication instead of SASL.
.TP
.B \-D binddn
Use \fIbinddn\fP to bind to the X.500 directory. \fIbinddn\fP should be
a string-represented DN as defined in RFC 1779.
Use the Distinguished Name \fIbinddn\fP to bind to the LDAP directory.
.TP
.B \-W
Prompt for simple authentication.
This is used instead of specifying the password on the command line.
.TP
.B \-w passwd
Use \fIpasswd\fP as the password for simple authentication.
.TP
.B \-h ldaphost
.BI \-H \ ldapuri
Specify URI(s) referring to the ldap server(s).
.TP
.BI \-h \ ldaphost
Specify an alternate host on which the ldap server is running.
Deprecated in favor of -H.
.TP
.B \-p ldapport
.BI \-p \ ldapport
Specify an alternate TCP port where the ldap server is listening.
Deprecated in favor of -H.
.TP
.BI \-P \ 2\fR\||\|\fI3
Specify the LDAP protocol version to use.
.TP
.BI \-O \ security-properties
Specify SASL security properties.
.TP
.B \-I
Enable SASL Interactive mode. Always prompt. Default is to prompt
only as needed.
.TP
.B \-Q
Enable SASL Quiet mode. Never prompt.
.TP
.BI \-U \ authcid
Specify the authentication ID for SASL bind. The form of the ID
depends on the actual SASL mechanism used.
.TP
.BI \-X \ authzid
Specify the requested authorization ID for SASL bind.
.I authzid
must be one of the following formats:
.B dn:\c
.I <distinguished name>
or
.B u:\c
.I <username>
.TP
.BI \-Y \ mech
Specify the SASL mechanism to be used for authentication. If it's not
specified, the program will choose the best mechanism the server knows.
.TP
.B \-Z[Z]
Issue StartTLS (Transport Layer Security) extended operation. If you use
.B \-ZZ\c
, the command will require the operation to be successful.
.SH INPUT FORMAT
If the command-line arguments \fIdn\fP and \fIrdn\fP are given, \fIrdn\fP
will replace the RDN of the entry specified by the DN, \fIdn\fP.
......@@ -99,7 +197,7 @@ Assuming that the file
exists and has the contents:
.LP
.nf
cn=Modify Me, o=University of Michigan, c=US
cn=Modify Me,dc=example,dc=com
cn=The New Me
.fi
.LP
......@@ -120,13 +218,13 @@ status and a diagnostic message being written to standard error.
.BR ldapdelete (1),
.BR ldapmodify (1),
.BR ldapsearch (1),
.BR ldap.conf (5),
.BR ldap (3),
.BR ldap_modrdn2 (3)
.LP
Kille, S.,
.IR "A String Representation of Distinguished Names",
.SM RFC
1779,
ISODE Consortium, March 1995.
.SH BUGS
There is no interactive mode, but there probably should be.
.SH AUTHOR
The OpenLDAP Project <http://www.openldap.org/>
.SH ACKNOWLEDGEMENTS
.B OpenLDAP
is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
.B OpenLDAP
is derived from University of Michigan LDAP 3.3 Release.
.TH LDAPPASSWD 1 "20 August 2001" "OpenLDAP LDVERSION"
.TH LDAPPASSWD 1 "RELEASEDATE" "OpenLDAP LDVERSION"
.\" $OpenLDAP$
.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
......
.TH LDAPSEARCH 1 "29 March 1996" "U-M LDAP LDVERSION"
.TH LDAPSEARCH 1 "RELEASEDATE" "OpenLDAP LDVERSION"
.\" $OpenLDAP$
.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
ldapsearch \- ldap search tool
ldapsearch \- LDAP search tool
.SH SYNOPSIS
.B ldapsearch
.B [\-n]
.B [\-u]
.B [\-v]
.B [\-k]
.B [\-K]
.B [\-t]
.B [\-A]
.B [\-B]
.B [\-L]
.B [\-R]
.B [\-d debuglevel]
.B [\-F sep]
.B [\-f file]
.B [\-D binddn]
.B [\-w bindpasswd]
.B [\-h ldaphost]
.B [\-p ldapport]
.B [\-b searchbase]
.B [\-s scope ]
.B [\-a deref]